Merge pull request #3512 from xnegativx/fix-auth-params

Fix challenge parameters for cognito-idp/initiate_auth flow
This commit is contained in:
Steve Pulec 2020-12-03 18:07:32 -06:00 committed by GitHub
commit b6369d6250
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 8 deletions

View File

@ -944,8 +944,8 @@ class CognitoIdpBackend(BaseBackend):
"ChallengeName": "PASSWORD_VERIFIER", "ChallengeName": "PASSWORD_VERIFIER",
"Session": session, "Session": session,
"ChallengeParameters": { "ChallengeParameters": {
"SALT": str(uuid.uuid4()), "SALT": uuid.uuid4().hex,
"SRP_B": str(uuid.uuid4()), "SRP_B": uuid.uuid4().hex,
"USERNAME": user.id, "USERNAME": user.id,
"USER_ID_FOR_SRP": user.id, "USER_ID_FOR_SRP": user.id,
"SECRET_BLOCK": session, "SECRET_BLOCK": session,

View File

@ -1294,7 +1294,7 @@ def user_authentication_flow(conn):
AuthFlow="USER_SRP_AUTH", AuthFlow="USER_SRP_AUTH",
AuthParameters={ AuthParameters={
"USERNAME": username, "USERNAME": username,
"SRP_A": str(uuid.uuid4()), "SRP_A": uuid.uuid4().hex,
"SECRET_HASH": secret_hash, "SECRET_HASH": secret_hash,
}, },
) )
@ -1341,7 +1341,7 @@ def user_authentication_flow(conn):
AuthFlow="USER_SRP_AUTH", AuthFlow="USER_SRP_AUTH",
AuthParameters={ AuthParameters={
"USERNAME": username, "USERNAME": username,
"SRP_A": str(uuid.uuid4()), "SRP_A": uuid.uuid4().hex,
"SECRET_HASH": secret_hash, "SECRET_HASH": secret_hash,
}, },
) )
@ -1638,7 +1638,7 @@ def test_initiate_auth_USER_SRP_AUTH():
AuthFlow="USER_SRP_AUTH", AuthFlow="USER_SRP_AUTH",
AuthParameters={ AuthParameters={
"USERNAME": username, "USERNAME": username,
"SRP_A": str(uuid.uuid4()), "SRP_A": uuid.uuid4().hex,
"SECRET_HASH": secret_hash, "SECRET_HASH": secret_hash,
}, },
) )
@ -1688,7 +1688,7 @@ def test_initiate_auth_for_unconfirmed_user():
AuthFlow="USER_SRP_AUTH", AuthFlow="USER_SRP_AUTH",
AuthParameters={ AuthParameters={
"USERNAME": username, "USERNAME": username,
"SRP_A": str(uuid.uuid4()), "SRP_A": uuid.uuid4().hex,
"SECRET_HASH": secret_hash, "SECRET_HASH": secret_hash,
}, },
) )
@ -1724,7 +1724,7 @@ def test_initiate_auth_with_invalid_secret_hash():
AuthFlow="USER_SRP_AUTH", AuthFlow="USER_SRP_AUTH",
AuthParameters={ AuthParameters={
"USERNAME": username, "USERNAME": username,
"SRP_A": str(uuid.uuid4()), "SRP_A": uuid.uuid4().hex,
"SECRET_HASH": invalid_secret_hash, "SECRET_HASH": invalid_secret_hash,
}, },
) )
@ -1782,7 +1782,7 @@ def test_respond_to_auth_challenge_with_invalid_secret_hash():
AuthFlow="USER_SRP_AUTH", AuthFlow="USER_SRP_AUTH",
AuthParameters={ AuthParameters={
"USERNAME": result["username"], "USERNAME": result["username"],
"SRP_A": str(uuid.uuid4()), "SRP_A": uuid.uuid4().hex,
"SECRET_HASH": valid_secret_hash, "SECRET_HASH": valid_secret_hash,
}, },
) )